From patchwork Sun May 12 10:37:55 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
X-Patchwork-Id: 13960
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 4C36216FD2; Sun, 12 May 2019 11:39:20 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.0
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTP id F241716F26
	for <patchwork@mira.cbaines.net>; Sun, 12 May 2019 11:39:19 +0100 (BST)
Received: from localhost ([127.0.0.1]:41519 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>)
	id 1hPlsy-0007AM-Hm
	for patchwork@mira.cbaines.net; Sun, 12 May 2019 06:39:16 -0400
Received: from eggs.gnu.org ([209.51.188.92]:53135)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsn-00071O-JC
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:06 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsl-0007Vt-LW
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:05 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:56633)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1hPlsk-0007VK-6A
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsk-0002tA-2Q
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#35697] [PATCH 1/8] system: Export
	'operating-system-default-essential-services'.
References: <20190512103055.16832-1-ludo@gnu.org>
In-Reply-To: <20190512103055.16832-1-ludo@gnu.org>
Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 12 May 2019 10:39:02 +0000
Resent-Message-ID: <handler.35697.B35697.155765750010977@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 35697
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 35697@debbugs.gnu.org
Received: via spool by 35697-submit@debbugs.gnu.org id=B35697.155765750010977
	(code B ref 35697); Sun, 12 May 2019 10:39:02 +0000
Received: (at 35697) by debbugs.gnu.org; 12 May 2019 10:38:20 +0000
Received: from localhost ([127.0.0.1]:41924 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1hPls4-0002qy-Ft
	for submit@debbugs.gnu.org; Sun, 12 May 2019 06:38:20 -0400
Received: from eggs.gnu.org ([209.51.188.92]:38668)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <ludo@gnu.org>) id 1hPls3-0002qa-6U
	for 35697@debbugs.gnu.org; Sun, 12 May 2019 06:38:19 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:54349)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1hPlry-0007Hv-1W; Sun, 12 May 2019 06:38:14 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=41590 helo=gnu.org)
	by fencepost.gnu.org with esmtpsa
	(TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82)
	(envelope-from <ludo@gnu.org>)
	id 1hPlrx-00052w-KH; Sun, 12 May 2019 06:38:13 -0400
From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Date: Sun, 12 May 2019 12:37:55 +0200
Message-Id: <20190512103802.17032-1-ludo@gnu.org>
X-Mailer: git-send-email 2.21.0
MIME-Version: 1.0
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 209.51.188.43
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Cc: Chris Marusich <cmmarusich@gmail.com>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: "Guix-patches"
	<guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-getmail-retrieved-from-mailbox: Patches

* gnu/system.scm (essential-services): Rename to...
(operating-system-default-essential-services): ... this.
(<operating-system>)[essential-services]: Adjust accordingly.
---
 gnu/system.scm | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/gnu/system.scm b/gnu/system.scm
index 0489b9720d..2c4ca55ffc 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -72,6 +72,7 @@
             operating-system-bootloader
             operating-system-services
             operating-system-essential-services
+            operating-system-default-essential-services
             operating-system-user-services
             operating-system-packages
             operating-system-host-name
@@ -213,7 +214,8 @@
 
   (essential-services operating-system-essential-services ; list of services
                       (thunked)
-                      (default (essential-services this-operating-system)))
+                      (default (operating-system-default-essential-services
+                                this-operating-system)))
   (services operating-system-user-services        ; list of services
             (default %base-services))
 
@@ -463,7 +465,7 @@ value of the SYSTEM-SERVICE-TYPE service."
                 ("initrd" ,initrd)
                 ("locale" ,locale))))))   ;used by libc
 
-(define* (essential-services os)
+(define (operating-system-default-essential-services os)
   "Return the list of essential services for OS.  These are special services
 that implement part of what's declared in OS are responsible for low-level
 bookkeeping."

From patchwork Sun May 12 10:37:56 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
X-Patchwork-Id: 13956
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 8F87916F4A; Sun, 12 May 2019 11:39:08 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.0
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTP id 2A02C16F26
	for <patchwork@mira.cbaines.net>; Sun, 12 May 2019 11:39:08 +0100 (BST)
Received: from localhost ([127.0.0.1]:41511 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>)
	id 1hPlsp-00071r-P9
	for patchwork@mira.cbaines.net; Sun, 12 May 2019 06:39:07 -0400
Received: from eggs.gnu.org ([209.51.188.92]:53136)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsn-00071P-JB
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:06 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsl-0007W6-Rc
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:05 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:56634)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1hPlsk-0007VU-LY
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:03 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsk-0002tH-Hn
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#35697] [PATCH 2/8] linux-container: Improve filtering of
	unnecessary file systems.
Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 12 May 2019 10:39:02 +0000
Resent-Message-ID: <handler.35697.B35697.155765750210992@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 35697
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 35697@debbugs.gnu.org
Received: via spool by 35697-submit@debbugs.gnu.org id=B35697.155765750210992
	(code B ref 35697); Sun, 12 May 2019 10:39:02 +0000
Received: (at 35697) by debbugs.gnu.org; 12 May 2019 10:38:22 +0000
Received: from localhost ([127.0.0.1]:41927 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1hPls5-0002rD-QI
	for submit@debbugs.gnu.org; Sun, 12 May 2019 06:38:22 -0400
Received: from eggs.gnu.org ([209.51.188.92]:38670)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <ludo@gnu.org>) id 1hPls4-0002qc-6P
	for 35697@debbugs.gnu.org; Sun, 12 May 2019 06:38:20 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:54350)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1hPlrz-0007IA-1l; Sun, 12 May 2019 06:38:15 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=41590 helo=gnu.org)
	by fencepost.gnu.org with esmtpsa
	(TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82)
	(envelope-from <ludo@gnu.org>)
	id 1hPlry-00052w-Hw; Sun, 12 May 2019 06:38:14 -0400
From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Date: Sun, 12 May 2019 12:37:56 +0200
Message-Id: <20190512103802.17032-2-ludo@gnu.org>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <20190512103802.17032-1-ludo@gnu.org>
References: <20190512103802.17032-1-ludo@gnu.org>
MIME-Version: 1.0
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 209.51.188.43
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Cc: Chris Marusich <cmmarusich@gmail.com>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: "Guix-patches"
	<guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-getmail-retrieved-from-mailbox: Patches

* gnu/system/linux-container.scm (containerized-operating-system)[user-file-systems]:
Add trailing slash for the "/dev/" and "/sys/" prefixes.
---
 gnu/system/linux-container.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm
index 149c3d08a3..ded5f279fe 100644
--- a/gnu/system/linux-container.scm
+++ b/gnu/system/linux-container.scm
@@ -65,8 +65,8 @@ containerized OS."
                     (string=? target "/")
                     (and (string? source)
                          (string-prefix? "/dev/" source))
-                    (string-prefix? "/dev" target)
-                    (string-prefix? "/sys" target))))
+                    (string-prefix? "/dev/" target)
+                    (string-prefix? "/sys/" target))))
             (operating-system-file-systems os)))
 
   (define (mapping->fs fs)

From patchwork Sun May 12 10:37:57 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
X-Patchwork-Id: 13961
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 2D2DE16F4A; Sun, 12 May 2019 11:39:23 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED
	autolearn=ham autolearn_force=no version=3.4.0
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTP id DB55216F26
	for <patchwork@mira.cbaines.net>; Sun, 12 May 2019 11:39:22 +0100 (BST)
Received: from localhost ([127.0.0.1]:41523 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>)
	id 1hPlt4-0007Cl-AE
	for patchwork@mira.cbaines.net; Sun, 12 May 2019 06:39:22 -0400
Received: from eggs.gnu.org ([209.51.188.92]:53170)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlso-00071T-D6
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:07 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsn-0007Wn-FN
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:06 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:56635)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1hPlsl-0007Vd-7X
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:03 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsl-0002tP-1m
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:03 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#35697] [PATCH 3/8] services: 'gc-root-service-type' now has a
	default value.
Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 12 May 2019 10:39:03 +0000
Resent-Message-ID: <handler.35697.B35697.155765750210998@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 35697
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 35697@debbugs.gnu.org
Received: via spool by 35697-submit@debbugs.gnu.org id=B35697.155765750210998
	(code B ref 35697); Sun, 12 May 2019 10:39:03 +0000
Received: (at 35697) by debbugs.gnu.org; 12 May 2019 10:38:22 +0000
Received: from localhost ([127.0.0.1]:41929 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1hPls6-0002rF-41
	for submit@debbugs.gnu.org; Sun, 12 May 2019 06:38:22 -0400
Received: from eggs.gnu.org ([209.51.188.92]:38673)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <ludo@gnu.org>) id 1hPls5-0002qe-6O
	for 35697@debbugs.gnu.org; Sun, 12 May 2019 06:38:21 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:54351)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1hPls0-0007Ie-1f; Sun, 12 May 2019 06:38:16 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=41590 helo=gnu.org)
	by fencepost.gnu.org with esmtpsa
	(TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82)
	(envelope-from <ludo@gnu.org>)
	id 1hPlrz-00052w-IE; Sun, 12 May 2019 06:38:15 -0400
From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Date: Sun, 12 May 2019 12:37:57 +0200
Message-Id: <20190512103802.17032-3-ludo@gnu.org>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <20190512103802.17032-1-ludo@gnu.org>
References: <20190512103802.17032-1-ludo@gnu.org>
MIME-Version: 1.0
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 209.51.188.43
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Cc: Chris Marusich <cmmarusich@gmail.com>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: "Guix-patches"
	<guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-getmail-retrieved-from-mailbox: Patches

* gnu/services.scm (gc-root-service-type)[default-value]: New field.
---
 gnu/services.scm | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/gnu/services.scm b/gnu/services.scm
index f151bbaa9d..7de78105ff 100644
--- a/gnu/services.scm
+++ b/gnu/services.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2016 Chris Marusich <cmmarusich@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -649,7 +649,8 @@ as Wifi cards.")))
                 (extend append)
                 (description
                  "Register garbage-collector roots---i.e., store items that
-will not be reclaimed by the garbage collector.")))
+will not be reclaimed by the garbage collector.")
+                (default-value '())))
 
 
 ;;;

From patchwork Sun May 12 10:37:58 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
X-Patchwork-Id: 13957
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id A157F16F4A; Sun, 12 May 2019 11:39:09 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.0
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTP id 3F75716F26
	for <patchwork@mira.cbaines.net>; Sun, 12 May 2019 11:39:09 +0100 (BST)
Received: from localhost ([127.0.0.1]:41513 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>)
	id 1hPlsq-00072f-Pj
	for patchwork@mira.cbaines.net; Sun, 12 May 2019 06:39:08 -0400
Received: from eggs.gnu.org ([209.51.188.92]:53134)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsn-00071N-JC
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:06 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsl-0007WB-S1
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:05 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:56636)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1hPlsl-0007Vn-IT
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:03 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsl-0002tW-FB
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:03 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#35697] [PATCH 4/8] linux-container: Do not add
	%CONTAINER-FILE-SYSTEMS to Docker image OSes.
Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 12 May 2019 10:39:03 +0000
Resent-Message-ID: <handler.35697.B35697.155765750411024@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 35697
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 35697@debbugs.gnu.org
Received: via spool by 35697-submit@debbugs.gnu.org id=B35697.155765750411024
	(code B ref 35697); Sun, 12 May 2019 10:39:03 +0000
Received: (at 35697) by debbugs.gnu.org; 12 May 2019 10:38:24 +0000
Received: from localhost ([127.0.0.1]:41934 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1hPls8-0002re-D5
	for submit@debbugs.gnu.org; Sun, 12 May 2019 06:38:24 -0400
Received: from eggs.gnu.org ([209.51.188.92]:38676)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <ludo@gnu.org>) id 1hPls6-0002qh-6T
	for 35697@debbugs.gnu.org; Sun, 12 May 2019 06:38:22 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:54352)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1hPls1-0007Iy-1Y; Sun, 12 May 2019 06:38:17 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=41590 helo=gnu.org)
	by fencepost.gnu.org with esmtpsa
	(TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82)
	(envelope-from <ludo@gnu.org>)
	id 1hPls0-00052w-IA; Sun, 12 May 2019 06:38:16 -0400
From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Date: Sun, 12 May 2019 12:37:58 +0200
Message-Id: <20190512103802.17032-4-ludo@gnu.org>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <20190512103802.17032-1-ludo@gnu.org>
References: <20190512103802.17032-1-ludo@gnu.org>
MIME-Version: 1.0
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 209.51.188.43
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Cc: Chris Marusich <cmmarusich@gmail.com>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: "Guix-patches"
	<guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-getmail-retrieved-from-mailbox: Patches

Previously, 'guix system docker-image' would end up providing an OS that
would try to mount all of %CONTAINER-FILE-SYSTEMS as well as /gnu/store,
which is bound to fail in unprivileged Docker.

This patch makes it so that 'guix system container' still gets those
file systems, but 'guix system docker-image' doesn't.

* gnu/system/linux-container.scm (containerized-operating-system): Add
 #:extra-file-systems parameter and honor it.  Do not import
 %STORE-MAPPING.
(container-script): Add %STORE-MAPPING to MAPPINGS and pass
 #:extra-file-systems.
---
 gnu/system/linux-container.scm | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm
index ded5f279fe..5adec064f7 100644
--- a/gnu/system/linux-container.scm
+++ b/gnu/system/linux-container.scm
@@ -53,10 +53,12 @@ from OS that are needed on the bare metal and not in a container."
                      (return `(("locale" ,locale))))))
         base))
 
-(define (containerized-operating-system os mappings)
+(define* (containerized-operating-system os mappings
+                                         #:key
+                                         (extra-file-systems '()))
   "Return an operating system based on OS for use in a Linux container
 environment.  MAPPINGS is a list of <file-system-mapping> to realize in the
-containerized OS."
+containerized OS.  EXTRA-FILE-SYSTEMS is a list of file systems to add to OS."
   (define user-file-systems
     (remove (lambda (fs)
               (let ((target (file-system-mount-point fs))
@@ -88,15 +90,17 @@ containerized OS."
                         (memq (service-kind service)
                               useless-services))
                       (operating-system-user-services os)))
-    (file-systems (append (map mapping->fs (cons %store-mapping mappings))
-                          %container-file-systems
+    (file-systems (append (map mapping->fs mappings)
+                          extra-file-systems
                           user-file-systems))))
 
 (define* (container-script os #:key (mappings '()))
   "Return a derivation of a script that runs OS as a Linux container.
 MAPPINGS is a list of <file-system> objects that specify the files/directories
 that will be shared with the host system."
-  (let* ((os           (containerized-operating-system os mappings))
+  (let* ((os           (containerized-operating-system
+                        os (cons %store-mapping mappings)
+                        #:extra-file-systems %container-file-systems))
          (file-systems (filter file-system-needed-for-boot?
                                (operating-system-file-systems os)))
          (specs        (map file-system->spec file-systems)))

From patchwork Sun May 12 10:37:59 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
X-Patchwork-Id: 13963
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 1FF4E16F4A; Sun, 12 May 2019 11:39:35 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.0
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTP id 9804516F26
	for <patchwork@mira.cbaines.net>; Sun, 12 May 2019 11:39:34 +0100 (BST)
Received: from localhost ([127.0.0.1]:41531 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>)
	id 1hPltG-0007Kl-2h
	for patchwork@mira.cbaines.net; Sun, 12 May 2019 06:39:34 -0400
Received: from eggs.gnu.org ([209.51.188.92]:53179)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlso-00071g-PJ
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:07 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsn-0007X9-KR
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:06 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:56637)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1hPlsm-0007WH-3b
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:05 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsm-0002te-0o
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:04 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#35697] [PATCH 5/8] linux-container: Compute essential services
	for THIS-OPERATING-SYSTEM.
Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 12 May 2019 10:39:03 +0000
Resent-Message-ID: <handler.35697.B35697.155765750511030@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 35697
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 35697@debbugs.gnu.org
Received: via spool by 35697-submit@debbugs.gnu.org id=B35697.155765750511030
	(code B ref 35697); Sun, 12 May 2019 10:39:03 +0000
Received: (at 35697) by debbugs.gnu.org; 12 May 2019 10:38:25 +0000
Received: from localhost ([127.0.0.1]:41936 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1hPls8-0002rl-Nu
	for submit@debbugs.gnu.org; Sun, 12 May 2019 06:38:24 -0400
Received: from eggs.gnu.org ([209.51.188.92]:38679)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <ludo@gnu.org>) id 1hPls7-0002qj-9a
	for 35697@debbugs.gnu.org; Sun, 12 May 2019 06:38:23 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:54353)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1hPls2-0007JB-1i; Sun, 12 May 2019 06:38:18 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=41590 helo=gnu.org)
	by fencepost.gnu.org with esmtpsa
	(TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82)
	(envelope-from <ludo@gnu.org>)
	id 1hPls1-00052w-I1; Sun, 12 May 2019 06:38:17 -0400
From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Date: Sun, 12 May 2019 12:37:59 +0200
Message-Id: <20190512103802.17032-5-ludo@gnu.org>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <20190512103802.17032-1-ludo@gnu.org>
References: <20190512103802.17032-1-ludo@gnu.org>
MIME-Version: 1.0
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 209.51.188.43
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Cc: Chris Marusich <cmmarusich@gmail.com>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: "Guix-patches"
	<guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-getmail-retrieved-from-mailbox: Patches

Previously, the 'essential-services' would correspond to the initial,
non-containerized OS.  Thus, all the file systems removed in
'container-essential-services' would actually still be there because the
essential services would be computed on the non-containerized OS.

This is a followup to 69cae3d3356a69b7fe69481338f760545995485e.

* gnu/system/linux-container.scm (container-essential-services): Call
'operating-system-default-essential-services' to get the baseline
services.
(containerized-operating-system): Pass THIS-OPERATING-SYSTEM, not OS, to
'container-essential-services'.
Add a dummy root file system to 'file-systems'.
---
 gnu/system/linux-container.scm | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm
index 5adec064f7..fc2e05a5bc 100644
--- a/gnu/system/linux-container.scm
+++ b/gnu/system/linux-container.scm
@@ -45,7 +45,7 @@ from OS that are needed on the bare metal and not in a container."
                     (list (service-kind %linux-bare-metal-service)
                           firmware-service-type
                           system-service-type)))
-            (operating-system-essential-services os)))
+            (operating-system-default-essential-services os)))
 
   (cons (service system-service-type
                  (let ((locale (operating-system-locale-directory os)))
@@ -85,14 +85,20 @@ containerized OS.  EXTRA-FILE-SYSTEMS is a list of file systems to add to OS."
   (operating-system
     (inherit os)
     (swap-devices '()) ; disable swap
-    (essential-services (container-essential-services os))
+    (essential-services (container-essential-services this-operating-system))
     (services (remove (lambda (service)
                         (memq (service-kind service)
                               useless-services))
                       (operating-system-user-services os)))
     (file-systems (append (map mapping->fs mappings)
                           extra-file-systems
-                          user-file-systems))))
+                          user-file-systems
+
+                          ;; Provide a dummy root file system.
+                          (list (file-system
+                                  (mount-point "/")
+                                  (device "none")
+                                  (type "none")))))))
 
 (define* (container-script os #:key (mappings '()))
   "Return a derivation of a script that runs OS as a Linux container.

From patchwork Sun May 12 10:38:00 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
X-Patchwork-Id: 13958
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 6C72C16FD2; Sun, 12 May 2019 11:39:11 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.0
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTP id C166516F26
	for <patchwork@mira.cbaines.net>; Sun, 12 May 2019 11:39:10 +0100 (BST)
Received: from localhost ([127.0.0.1]:41515 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>)
	id 1hPlss-00074c-9N
	for patchwork@mira.cbaines.net; Sun, 12 May 2019 06:39:10 -0400
Received: from eggs.gnu.org ([209.51.188.92]:53176)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlso-00071d-MX
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:07 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsn-0007XC-Ka
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:06 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:56638)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1hPlsm-0007WP-JP
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:05 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsm-0002tl-FN
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:04 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#35697] [PATCH 6/8] system: Add 'operating-system-with-gc-roots'.
Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 12 May 2019 10:39:04 +0000
Resent-Message-ID: <handler.35697.B35697.155765750811051@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 35697
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 35697@debbugs.gnu.org
Received: via spool by 35697-submit@debbugs.gnu.org id=B35697.155765750811051
	(code B ref 35697); Sun, 12 May 2019 10:39:04 +0000
Received: (at 35697) by debbugs.gnu.org; 12 May 2019 10:38:28 +0000
Received: from localhost ([127.0.0.1]:41940 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1hPlsC-0002sA-1N
	for submit@debbugs.gnu.org; Sun, 12 May 2019 06:38:28 -0400
Received: from eggs.gnu.org ([209.51.188.92]:38682)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <ludo@gnu.org>) id 1hPls8-0002ql-64
	for 35697@debbugs.gnu.org; Sun, 12 May 2019 06:38:24 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:54354)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1hPls3-0007JU-1G; Sun, 12 May 2019 06:38:19 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=41590 helo=gnu.org)
	by fencepost.gnu.org with esmtpsa
	(TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82)
	(envelope-from <ludo@gnu.org>)
	id 1hPls2-00052w-IB; Sun, 12 May 2019 06:38:18 -0400
From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Date: Sun, 12 May 2019 12:38:00 +0200
Message-Id: <20190512103802.17032-6-ludo@gnu.org>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <20190512103802.17032-1-ludo@gnu.org>
References: <20190512103802.17032-1-ludo@gnu.org>
MIME-Version: 1.0
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 209.51.188.43
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Cc: Chris Marusich <cmmarusich@gmail.com>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: "Guix-patches"
	<guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-getmail-retrieved-from-mailbox: Patches

* gnu/tests/install.scm (operating-system-with-gc-roots): Move to...
* gnu/system.scm (operating-system-with-gc-roots): ... here.  New
procedure.
---
 gnu/system.scm        | 12 ++++++++++++
 gnu/tests/install.scm | 11 -----------
 2 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/gnu/system.scm b/gnu/system.scm
index 2c4ca55ffc..01be1243fe 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -109,6 +109,7 @@
             operating-system-boot-script
 
             system-linux-image-file-name
+            operating-system-with-gc-roots
 
             boot-parameters
             boot-parameters?
@@ -519,6 +520,17 @@ bookkeeping."
    (append (operating-system-user-services os)
            (operating-system-essential-services os))))
 
+(define (operating-system-with-gc-roots os roots)
+  "Return a variant of OS where ROOTS are registered as GC roots."
+  (operating-system
+    (inherit os)
+
+    ;; We use this procedure for the installation OS, which already defines GC
+    ;; roots.  Add ROOTS to those.
+    (services (cons (simple-service 'extra-root
+                                    gc-root-service-type roots)
+                    (operating-system-user-services os)))))
+
 
 ;;;
 ;;; /etc.
diff --git a/gnu/tests/install.scm b/gnu/tests/install.scm
index 430a102378..7b5ee18505 100644
--- a/gnu/tests/install.scm
+++ b/gnu/tests/install.scm
@@ -123,17 +123,6 @@
                                     (inherit config)
                                     (guix (current-guix))))))))
 
-(define (operating-system-with-gc-roots os roots)
-  "Return a variant of OS where ROOTS are registered as GC roots."
-  (operating-system
-    (inherit os)
-
-    ;; We use this procedure for the installation OS, which already defines GC
-    ;; roots.  Add ROOTS to those.
-    (services (cons (simple-service 'extra-root
-                                    gc-root-service-type roots)
-                    (operating-system-user-services os)))))
-
 
 (define MiB (expt 2 20))
 

From patchwork Sun May 12 10:38:01 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
X-Patchwork-Id: 13962
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 9411F16FD2; Sun, 12 May 2019 11:39:24 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED
	autolearn=ham autolearn_force=no version=3.4.0
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTP id 11C9F16F26
	for <patchwork@mira.cbaines.net>; Sun, 12 May 2019 11:39:24 +0100 (BST)
Received: from localhost ([127.0.0.1]:41525 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>)
	id 1hPlt5-0007E7-IK
	for patchwork@mira.cbaines.net; Sun, 12 May 2019 06:39:23 -0400
Received: from eggs.gnu.org ([209.51.188.92]:53183)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlso-00071k-Sz
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:08 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsn-0007XP-Kd
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:06 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:56639)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1hPlsn-0007Wb-0r
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:05 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsm-0002ts-UI
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:04 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#35697] [PATCH 7/8] docker: 'build-docker-image' accepts an
	optional #:entry-point.
Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 12 May 2019 10:39:04 +0000
Resent-Message-ID: <handler.35697.B35697.155765750811059@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 35697
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 35697@debbugs.gnu.org
Received: via spool by 35697-submit@debbugs.gnu.org id=B35697.155765750811059
	(code B ref 35697); Sun, 12 May 2019 10:39:04 +0000
Received: (at 35697) by debbugs.gnu.org; 12 May 2019 10:38:28 +0000
Received: from localhost ([127.0.0.1]:41942 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1hPlsC-0002sC-9c
	for submit@debbugs.gnu.org; Sun, 12 May 2019 06:38:28 -0400
Received: from eggs.gnu.org ([209.51.188.92]:38686)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <ludo@gnu.org>) id 1hPls9-0002qs-5v
	for 35697@debbugs.gnu.org; Sun, 12 May 2019 06:38:25 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:54355)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1hPls4-0007Ji-11; Sun, 12 May 2019 06:38:20 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=41590 helo=gnu.org)
	by fencepost.gnu.org with esmtpsa
	(TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82)
	(envelope-from <ludo@gnu.org>)
	id 1hPls3-00052w-Hj; Sun, 12 May 2019 06:38:19 -0400
From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Date: Sun, 12 May 2019 12:38:01 +0200
Message-Id: <20190512103802.17032-7-ludo@gnu.org>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <20190512103802.17032-1-ludo@gnu.org>
References: <20190512103802.17032-1-ludo@gnu.org>
MIME-Version: 1.0
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 209.51.188.43
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Cc: Chris Marusich <cmmarusich@gmail.com>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: "Guix-patches"
	<guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-getmail-retrieved-from-mailbox: Patches

* guix/docker.scm (config): Add #:entry-point and honor it.
(build-docker-image): Likewise.
---
 guix/docker.scm | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/guix/docker.scm b/guix/docker.scm
index c6e9c6fee5..7fe83d9797 100644
--- a/guix/docker.scm
+++ b/guix/docker.scm
@@ -1,6 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
-;;; Copyright © 2017, 2018 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2018 Chris Marusich <cmmarusich@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -73,7 +73,7 @@
   `((,(generate-tag path) . ((latest . ,id)))))
 
 ;; See https://github.com/opencontainers/image-spec/blob/master/config.md
-(define (config layer time arch)
+(define* (config layer time arch #:key entry-point)
   "Generate a minimal image configuration for the given LAYER file."
   ;; "architecture" must be values matching "platform.arch" in the
   ;; runtime-spec at
@@ -81,7 +81,9 @@
   `((architecture . ,arch)
     (comment . "Generated by GNU Guix")
     (created . ,time)
-    (config . #nil)
+    (config . ,(if entry-point
+                   `((entrypoint . ,entry-point))
+                   #nil))
     (container_config . #nil)
     (os . "linux")
     (rootfs . ((type . "layers")
@@ -110,6 +112,7 @@ return \"a\"."
                              (transformations '())
                              (system (utsname:machine (uname)))
                              database
+                             entry-point
                              compressor
                              (creation-time (current-time time-utc)))
   "Write to IMAGE a Docker image archive containing the given PATHS.  PREFIX
@@ -118,6 +121,9 @@ must be a store path that is a prefix of any store paths in PATHS.
 When DATABASE is true, copy it to /var/guix/db in the image and create
 /var/guix/gcroots and friends.
 
+When ENTRY-POINT is true, it must be a list of strings; it is stored as the
+entry point in the Docker image JSON structure.
+
 SYMLINKS must be a list of (SOURCE -> TARGET) tuples describing symlinks to be
 created in the image, where each TARGET is relative to PREFIX.
 TRANSFORMATIONS must be a list of (OLD -> NEW) tuples describing how to
@@ -227,7 +233,8 @@ SRFI-19 time-utc object, as the creation time in metadata."
       (with-output-to-file "config.json"
         (lambda ()
           (scm->json (config (string-append id "/layer.tar")
-                             time arch))))
+                             time arch
+                             #:entry-point entry-point))))
       (with-output-to-file "manifest.json"
         (lambda ()
           (scm->json (manifest prefix id))))

From patchwork Sun May 12 10:38:02 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
X-Patchwork-Id: 13959
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id AF70616F30; Sun, 12 May 2019 11:39:13 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED
	autolearn=ham autolearn_force=no version=3.4.0
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTP id 01D8516F30
	for <patchwork@mira.cbaines.net>; Sun, 12 May 2019 11:39:13 +0100 (BST)
Received: from localhost ([127.0.0.1]:41517 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>)
	id 1hPlsu-00076R-DA
	for patchwork@mira.cbaines.net; Sun, 12 May 2019 06:39:12 -0400
Received: from eggs.gnu.org ([209.51.188.92]:53196)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsp-00071q-D1
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:08 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsn-0007XU-L3
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:07 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:56640)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1hPlsn-0007Ws-GG
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:05 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hPlsn-0002u0-CQ
	for guix-patches@gnu.org; Sun, 12 May 2019 06:39:05 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#35697] [PATCH 8/8] vm: 'system-docker-image' provides an entry
	point.
Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 12 May 2019 10:39:05 +0000
Resent-Message-ID: <handler.35697.B35697.155765750911065@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 35697
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 35697@debbugs.gnu.org
Received: via spool by 35697-submit@debbugs.gnu.org id=B35697.155765750911065
	(code B ref 35697); Sun, 12 May 2019 10:39:05 +0000
Received: (at 35697) by debbugs.gnu.org; 12 May 2019 10:38:29 +0000
Received: from localhost ([127.0.0.1]:41944 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1hPlsC-0002sK-LN
	for submit@debbugs.gnu.org; Sun, 12 May 2019 06:38:29 -0400
Received: from eggs.gnu.org ([209.51.188.92]:38687)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <ludo@gnu.org>) id 1hPlsA-0002r6-Aj
	for 35697@debbugs.gnu.org; Sun, 12 May 2019 06:38:26 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:54356)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1hPls5-0007K6-3m; Sun, 12 May 2019 06:38:21 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=41590 helo=gnu.org)
	by fencepost.gnu.org with esmtpsa
	(TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82)
	(envelope-from <ludo@gnu.org>)
	id 1hPls4-00052w-HM; Sun, 12 May 2019 06:38:20 -0400
From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Date: Sun, 12 May 2019 12:38:02 +0200
Message-Id: <20190512103802.17032-8-ludo@gnu.org>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <20190512103802.17032-1-ludo@gnu.org>
References: <20190512103802.17032-1-ludo@gnu.org>
MIME-Version: 1.0
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 209.51.188.43
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Cc: Chris Marusich <cmmarusich@gmail.com>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: "Guix-patches"
	<guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-getmail-retrieved-from-mailbox: Patches

This simplifies use of images created with 'guix system docker-image'.

* gnu/system/vm.scm (system-docker-image)[boot-program]: New variable.
[os]: Add it to the GC roots.
[build]: Pass #:entry-point to 'build-docker-image'.
* gnu/tests/docker.scm (run-docker-system-test): New procedure.
(%test-docker-system): New variable.
* doc/guix.texi (Invoking guix system): Remove GUIX_NEW_SYSTEM hack and
'--entrypoint' from the example.  Mention 'docker create', 'docker
start', and 'docker exec'.
---
 doc/guix.texi        |  18 ++++---
 gnu/system/vm.scm    |  18 ++++++-
 gnu/tests/docker.scm | 118 ++++++++++++++++++++++++++++++++++++++++++-
 3 files changed, 145 insertions(+), 9 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index df7208229c..da65fd8a4e 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -24497,20 +24497,26 @@ system configuration file.  You can then load the image and launch a
 Docker container using commands like the following:
 
 @example
-image_id="$(docker load < guix-system-docker-image.tar.gz)"
-docker run -e GUIX_NEW_SYSTEM=/var/guix/profiles/system \\
-    --entrypoint /var/guix/profiles/system/profile/bin/guile \\
-    $image_id /var/guix/profiles/system/boot
+image_id="`docker load < guix-system-docker-image.tar.gz`"
+container_id="`docker create $image_id`"
+docker start $container_id
 @end example
 
 This command starts a new Docker container from the specified image.  It
 will boot the Guix system in the usual manner, which means it will
 start any services you have defined in the operating system
-configuration.  Depending on what you run in the Docker container, it
+configuration.  You can get an interactive shell running in the container
+using @command{docker exec}:
+
+@example
+docker exec -ti $container_id /run/current-system/profile/bin/bash --login
+@end example
+
+Depending on what you run in the Docker container, it
 may be necessary to give the container additional permissions.  For
 example, if you intend to build software using Guix inside of the Docker
 container, you may need to pass the @option{--privileged} option to
-@code{docker run}.
+@code{docker create}.
 
 @item container
 Return a script to run the operating system declared in @var{file}
diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm
index 124abd0fc9..f3027cd4ca 100644
--- a/gnu/system/vm.scm
+++ b/gnu/system/vm.scm
@@ -473,7 +473,7 @@ the image."
 
 (define* (system-docker-image os
                               #:key
-                              (name "guixsd-docker-image")
+                              (name "guix-docker-image")
                               register-closures?)
   "Build a docker image.  OS is the desired <operating-system>.  NAME is the
 base name to use for the output file.  When REGISTER-CLOSURES? is not #f,
@@ -487,7 +487,19 @@ should set REGISTER-CLOSURES? to #f."
          (local-file (search-path %load-path
                                   "guix/store/schema.sql"))))
 
-  (let ((os    (containerized-operating-system os '()))
+  (define boot-program
+    ;; Program that runs the boot script of OS, which in turn starts shepherd.
+    (program-file "boot-program"
+                  #~(let ((system (cadr (command-line))))
+                      (setenv "GUIX_NEW_SYSTEM" system)
+                      (execl #$(file-append guile-2.2 "/bin/guile")
+                             "guile" "--no-auto-compile"
+                             (string-append system "/boot")))))
+
+
+  (let ((os    (operating-system-with-gc-roots
+                (containerized-operating-system os '())
+                (list boot-program)))
         (name  (string-append name ".tar.gz"))
         (graph "system-graph"))
     (define build
@@ -538,9 +550,11 @@ should set REGISTER-CLOSURES? to #f."
                                  (string-append "/xchg/" #$graph)
                                read-reference-graph)))
                  #$os
+                 #:entry-point '(#$boot-program #$os)
                  #:compressor '(#+(file-append gzip "/bin/gzip") "-9n")
                  #:creation-time (make-time time-utc 0 1)
                  #:transformations `((,root-directory -> ""))))))))
+
     (expression->derivation-in-linux-vm
      name build
      #:make-disk-image? #f
diff --git a/gnu/tests/docker.scm b/gnu/tests/docker.scm
index 25e172efae..3cd3a27884 100644
--- a/gnu/tests/docker.scm
+++ b/gnu/tests/docker.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2019 Danny Milosavljevic <dannym@scratchpost.org>
+;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -28,6 +29,7 @@
   #:use-module (gnu services desktop)
   #:use-module (gnu packages bootstrap) ; %bootstrap-guile
   #:use-module (gnu packages docker)
+  #:use-module (gnu packages guile)
   #:use-module (guix gexp)
   #:use-module (guix grafts)
   #:use-module (guix monads)
@@ -38,7 +40,8 @@
   #:use-module (guix tests)
   #:use-module (guix build-system trivial)
   #:use-module ((guix licenses) #:prefix license:)
-  #:export (%test-docker))
+  #:export (%test-docker
+            %test-docker-system))
 
 (define %docker-os
   (simple-operating-system
@@ -166,3 +169,116 @@ standard output device and then enters a new line.")
    (name "docker")
    (description "Test Docker container of Guix.")
    (value (build-tarball&run-docker-test))))
+
+
+(define (run-docker-system-test tarball)
+  "Load DOCKER-TARBALL as Docker image and run it in a Docker container,
+inside %DOCKER-OS."
+  (define os
+    (marionette-operating-system
+     %docker-os
+     #:imported-modules '((gnu services herd)
+                          (guix combinators))))
+
+  (define vm
+    (virtual-machine
+     (operating-system os)
+     ;; FIXME: Because we're using the volatile-root setup where the root file
+     ;; system is a tmpfs overlaid over a small root file system, 'docker
+     ;; load' must be able to store the whole image into memory, hence the
+     ;; huge memory requirements.  We should avoid the volatile-root setup
+     ;; instead.
+     (memory-size 3000)
+     (port-forwardings '())))
+
+  (define test
+    (with-imported-modules '((gnu build marionette)
+                             (guix build utils))
+      #~(begin
+          (use-modules (srfi srfi-11) (srfi srfi-64)
+                       (gnu build marionette)
+                       (guix build utils))
+
+          (define marionette
+            (make-marionette (list #$vm)))
+
+          (mkdir #$output)
+          (chdir #$output)
+
+          (test-begin "docker")
+
+          (test-assert "service running"
+            (marionette-eval
+             '(begin
+                (use-modules (gnu services herd))
+                (match (start-service 'dockerd)
+                  (#f #f)
+                  (('service response-parts ...)
+                   (match (assq-ref response-parts 'running)
+                     ((pid) (number? pid))))))
+             marionette))
+
+          (test-assert "load system image and run it"
+            (marionette-eval
+             `(begin
+                (define (slurp command . args)
+                  ;; Return the output from COMMAND.
+                  (let* ((port (apply open-pipe* OPEN_READ command args))
+                         (output (read-line port))
+                         (status (close-pipe port)))
+                    output))
+
+                (define (docker-cli command . args)
+                  ;; Run the given Docker COMMAND.
+                  (apply invoke #$(file-append docker-cli "/bin/docker")
+                         command args))
+
+                (define (wait-for-container-file container file)
+                  ;; Wait for FILE to show up in CONTAINER.
+                  (docker-cli "exec" container
+                              #$(file-append guile-2.2 "/bin/guile")
+                              "-c"
+                              (object->string
+                               `(let loop ((n 15))
+                                  (when (zero? n)
+                                    (error "file didn't show up" ,file))
+                                  (unless (file-exists? ,file)
+                                    (sleep 1)
+                                    (loop (- n 1)))))))
+
+                (let* ((line (slurp #$(file-append docker-cli "/bin/docker")
+                                    "load" "-i" #$tarball))
+                       (repository&tag (string-drop line
+                                                    (string-length
+                                                     "Loaded image: ")))
+                       (container (slurp
+                                   #$(file-append docker-cli "/bin/docker")
+                                   "create" repository&tag)))
+                  (docker-cli "start" container)
+
+                  ;; Wait for shepherd to be ready.
+                  (wait-for-container-file container
+                                           "/var/run/shepherd/socket")
+
+                  (docker-cli "exec" container
+                              "/run/current-system/profile/bin/herd"
+                              "status")
+                  (slurp #$(file-append docker-cli "/bin/docker")
+                         "exec" container
+                         "/run/current-system/profile/bin/herd"
+                         "status" "guix-daemon")))
+             marionette))
+
+          (test-end)
+          (exit (= (test-runner-fail-count (test-runner-current)) 0)))))
+
+  (gexp->derivation "docker-system-test" test))
+
+(define %test-docker-system
+  (system-test
+   (name "docker-system")
+   (description "Run a system image as produced by @command{guix system
+docker-image} inside Docker.")
+   (value (with-monad %store-monad
+            (>>= (system-docker-image (simple-operating-system))
+                 run-docker-system-test)))))